Based on above announcement, I am deeply confused even frustrated that Security domain and capabilities are not taking into account for Joomla Framework ver2.

Online companies, organizations, individuals are constantly getting hacked and their information is up for the grabs because secure domains and requirements are not considered when building applications and online/mobile presence.

What is Joomla leadership and technology teams doing to address security in the Joomla Framework and Joomla CMS.

As far as building an application via the Framework goes, a tool that isn't offered is an ACL system to limit user behaviors within the application (however there are plenty of alternatives in the PHP marketplace). This feature obviously exists in the CMS.

There are tools in place to enable developers to encrypt data via the Crypt and Keychain packages (with similar classes in the CMS) and the application classes support HTTPS based connections.

Compared to other framework and CMS stacks in the PHP marketplace, I'd say that what Joomla offers out of the box is on par with other vendors as far as providing various tools goes. Without knowing specifically what you feel needs to be addressed in our code base, it's difficult to give any additional feedback.